Twitter | Search | |
Brute Logic
Another brutal secret revealed! ๐Ÿ˜Ž Payload to bypass simple email validation in PHP "><svg/onload=confirm(1)>".y case #21 check it here:
Reply Retweet Like More
Brute Logic 24 Nov 18
Replying to @brutelogic
It's a simple payload but there's a catch. Here you can see why it can be easily overlooked.
Reply Retweet Like
Indian Er Singh Jun 23
Replying to @brutelogic @x
I think you are eligible for Google's $31337 bug bounty program... It's a huge bug... You should report it to google to be eligible for rewards... Thank you...
Reply Retweet Like
Brute Logic Jun 24
Replying to @Singh_sahab205 @x
It's not a bug it's really a feature.
Reply Retweet Like
Thomas Orlita 28 Nov 18
Replying to @brutelogic @x
This is a valid email address by some standards, but is there a way to actually receive and send emails to such address?
Reply Retweet Like
Brute Logic 28 Nov 18
Replying to @ThomasOrlita @x
Good question... And an interesting ATTACK VECTOR too.
Reply Retweet Like
p3n73st3r 24 Nov 18
i mostly use xss"><svg/onload=prompt(5)"xss@a.b
Reply Retweet Like
TSnus 24 Nov 18
Replying to @brutelogic @x
found this out a couple years ago too, helped me get quite alot of bounties :)
Reply Retweet Like
White Egg ๐Ÿ‘ฅ 24 Nov 18
Replying to @brutelogic @x
Where in the world is it not standard practice to strip special characters from form submissions / post variables?
Reply Retweet Like
Sam Pizzey 24 Nov 18
Valid email addresses should probably be accepted in email address fields.
Reply Retweet Like
Emad Shanab 24 Nov 18
Replying to @brutelogic @x
Thatโ€™s 31337$ google stored xss payload.
Reply Retweet Like